Monday, 2015-09-14

« Sunday, 2015-09-13 Index Tuesday, 2015-09-15 »
*** salv-orlando has joined #openstack-security01:01
*** salv-orlando has quit IRC01:06
*** openstackgerrit has quit IRC01:16
*** openstackgerrit has joined #openstack-security01:16
*** jamielennox|away is now known as jamielennox02:14
*** yuanying has quit IRC02:34
*** yuanying has joined #openstack-security02:37
*** markvoelker has joined #openstack-security02:43
*** sdake has joined #openstack-security02:44
*** markvoelker has quit IRC02:48
*** dave-mccowan has quit IRC02:52
*** sdake_ has joined #openstack-security02:56
*** sdake has quit IRC02:59
*** sdake has joined #openstack-security03:06
*** sdake_ has quit IRC03:09
*** sdake_ has joined #openstack-security03:20
*** sigmavirus24_awa has quit IRC03:23
*** sdake has quit IRC03:24
*** sigmavirus24_awa has joined #openstack-security03:29
*** sigmavirus24_awa has joined #openstack-security03:29
*** salv-orlando has joined #openstack-security03:32
*** salv-orlando has quit IRC03:45
*** sdake has joined #openstack-security03:48
*** sdake_ has quit IRC03:52
*** jbasalone has quit IRC04:16
*** pcaruana has quit IRC04:43
*** Canaimero-e64b7 has joined #openstack-security04:44
*** markvoelker has joined #openstack-security04:45
Canaimero-e64b7O04:46
*** Canaimero-e64b7 has left #openstack-security04:46
*** markvoelker has quit IRC04:49
*** salv-orlando has joined #openstack-security05:04
*** salv-orlando has quit IRC05:11
*** jerrygb has quit IRC05:12
*** sdake_ has joined #openstack-security05:17
*** sdake has quit IRC05:20
openstackgerritStanislaw Pitucha proposed openstack/anchor: Don't accept unknown extensions  https://review.openstack.org/22297006:14
*** shohel has joined #openstack-security06:27
*** salv-orlando has joined #openstack-security06:32
openstackgerritStanislaw Pitucha proposed openstack/anchor: Fix all the doc build paths  https://review.openstack.org/22088106:36
*** salv-orlando has quit IRC06:40
*** markvoelker has joined #openstack-security06:45
*** markvoelker has quit IRC06:50
*** pcaruana has joined #openstack-security06:53
openstackgerritStanislaw Pitucha proposed openstack/anchor: Add operations on extended key usage  https://review.openstack.org/22298607:15
openstackgerritStanislaw Pitucha proposed openstack/anchor: Add operations on extended key usage  https://review.openstack.org/22298607:21
*** shohel has quit IRC08:04
*** shohel1 has joined #openstack-security08:04
*** alex_klimov has joined #openstack-security08:37
*** salv-orlando has joined #openstack-security08:38
*** salv-orlando has quit IRC08:43
*** markvoelker has joined #openstack-security08:46
*** markvoelker has quit IRC08:51
*** salv-orlando has joined #openstack-security09:05
*** tmcpeak has joined #openstack-security09:48
*** shohel1 has quit IRC10:11
*** shohel has joined #openstack-security10:11
*** openstackgerrit has quit IRC10:16
*** openstackgerrit has joined #openstack-security10:16
*** lexholden has joined #openstack-security10:27
openstackgerritOpenStack Proposal Bot proposed openstack/security-doc: Updated from openstack-manuals  https://review.openstack.org/22304010:29
*** tmcpeak has quit IRC10:29
*** markvoelker has joined #openstack-security10:47
*** salv-orlando has quit IRC10:49
*** salv-orlando has joined #openstack-security10:50
*** markvoelker has quit IRC10:51
*** tmcpeak has joined #openstack-security10:52
*** shohel has quit IRC11:04
*** salv-orl_ has joined #openstack-security11:34
*** dave-mccowan has joined #openstack-security11:36
*** salv-orlando has quit IRC11:36
*** salv-orlando has joined #openstack-security11:38
*** salv-orl_ has quit IRC11:40
*** shohel has joined #openstack-security11:46
*** markvoelker has joined #openstack-security11:48
*** markvoelker has quit IRC11:52
*** shohel has quit IRC11:53
*** shohel1 has joined #openstack-security11:53
*** salv-orlando has quit IRC11:57
*** salv-orlando has joined #openstack-security11:58
*** salv-orl_ has joined #openstack-security12:01
*** salv-orl_ has quit IRC12:01
*** salv-orl_ has joined #openstack-security12:02
*** salv-orlando has quit IRC12:04
*** lexholden has quit IRC12:06
*** openstackgerrit has quit IRC12:16
*** openstackgerrit has joined #openstack-security12:16
*** markvoelker has joined #openstack-security12:24
*** edmondsw has joined #openstack-security12:31
*** lexholden has joined #openstack-security12:48
*** lexholden has quit IRC12:49
*** lexholden has joined #openstack-security12:53
*** tmcpeak has quit IRC12:58
*** tmcpeak has joined #openstack-security12:59
*** openstackgerrit has quit IRC13:16
*** openstackgerrit has joined #openstack-security13:16
*** sdake_ is now known as sdake13:30
*** dwyde has joined #openstack-security13:36
*** salv-orlando has joined #openstack-security13:40
*** salv-orl_ has quit IRC13:40
*** wverdugo500 has joined #openstack-security13:43
*** salv-orlando has quit IRC13:45
*** salv-orlando has joined #openstack-security13:45
*** sigmavirus24_awa is now known as sigmavirus2414:00
*** pcaruana has quit IRC14:27
*** gmurphy has joined #openstack-security14:34
*** sdake has quit IRC14:36
*** pcaruana has joined #openstack-security14:40
*** voodookid has joined #openstack-security14:46
*** jmckind has joined #openstack-security14:48
*** shohel1 has quit IRC15:05
*** jerrygb has joined #openstack-security15:06
*** nkinder has joined #openstack-security15:17
openstackgerritMerged openstack/security-doc: Updated from openstack-manuals  https://review.openstack.org/22304015:19
*** pcaruana has quit IRC15:19
*** ccneill has joined #openstack-security15:27
*** edaught has quit IRC15:35
*** edaught has joined #openstack-security15:38
*** edaught_ has joined #openstack-security15:38
*** alex_klimov has quit IRC15:57
*** openstackgerrit has quit IRC16:01
*** openstackgerrit has joined #openstack-security16:01
*** lexholden has quit IRC16:13
*** jerrygb has quit IRC16:19
*** jennyb has joined #openstack-security16:20
*** jennyb is now known as jbasalone16:29
*** jbasalone is now known as jennyb16:32
*** jkf has joined #openstack-security16:37
*** sicarie has joined #openstack-security16:52
jkfGreetings, can someone tell me if there is a way to contact the VMT directly? I need to find out what the expecations are for how quickly vulnerability reports are handled.16:52
tmcpeakjkf there are instructions for contacting them on the VMT page16:53
*** edmondsw has quit IRC16:54
tmcpeakjkf your question might be answered already though, please read this: https://security.openstack.org/vmt-process.html16:54
jkfMaybe I missed something, but I've dug through security and vulnerability pages and didn't see anything obvious besides the links to the security group.16:54
tmcpeakhave you visited this page I pasted above?16:55
tmcpeakwhat do you specifically want to know? how quickly they will respond if you post a private security bug?16:55
jkfI have read that page.16:55
tmcpeakit's usually very quickly (within 24 hours)16:55
*** dwyde has quit IRC16:56
jkfThat is what I wanted to find out. I posted a vulnerability two weeks ago and haven't seen any kind of movement on it.16:56
tmcpeakwhich project did you post it in?16:56
jkfBarbican16:56
* redrobot pokes head in16:56
*** jennyb has quit IRC16:57
tmcpeakredrobot is your man :)16:57
redroboton a related note, how does one go about being added to the security group in gerrit?16:57
tmcpeakmy guess is that it is a coresec supported project, so they get first crack (before VMT)16:57
jkfredrobot: hey16:57
redrobotI'm actually unable to see the bug that jkf filed. :(16:57
tmcpeakredrobot: which security group?16:57
tmcpeakredrobot: does your project have a corsec group?16:58
tmcpeak*coresec16:58
redrobottmcpeak launchpad group16:58
redrobotbarbican-coresec?16:58
redrobotI don't think so...  maybe I should start there?16:58
tmcpeakit looks like it does not: https://wiki.openstack.org/wiki/CrossProjectLiaisons16:59
tmcpeakelmiko: you around?16:59
elmikoyo16:59
tmcpeakcan you point redrobot to how to set up coresec for Barbican?16:59
tmcpeakI've never done it16:59
elmikohmm, i haven't done it either. this may be a hyakuhei question17:00
tmcpeakoooh, you are coresec for Sahara though, aren't you?17:00
elmikoyea, but we didn't setup special perms for that17:00
tmcpeakhmm gotcha17:01
elmikolet me look at gerrit17:01
elmikosicarie: hey17:01
sicariehello17:01
tmcpeakjkf: Barbican might not be a vmt supported project also17:01
sicarieelmiko: How’s it going17:02
elmikotmcpeak, redrobot, i don't think i have perms to setup a coresec for another project. we might need hyakuhei or someone from infra17:02
elmikosicarie: not bad, how's things on your end ?17:03
*** shelleea007 has joined #openstack-security17:03
sicarieelmiko: it’s monday17:03
sicarieDaviey: ping?17:03
shelleea007Hi everyone17:03
elmikosicarie: hehe17:03
elmikohi17:03
jkftmcpeak: That's possible, I don't recall if Barbican is on their project list or not.17:04
tmcpeakjkf in any case, you want to speak to redrobot :)17:04
tmcpeakjkf best thing is to probably subscribe him to the bug17:04
jkftmcpeak: I did, he was the first I went to, but even he was locked out of the ticket.17:04
tmcpeakjkf yeah, you'll need to add him to the bug17:04
jkftmcpeak: ok, I can do that.17:04
tmcpeakredrobot: you should look into VMT status of Barbican and see who's actually getting those notifications :)17:05
*** tmcpeak has quit IRC17:05
sicarieha, was just about to ask him if that convo was good17:06
sicariealright then shelleea007, elmiko17:06
elmikolet's do this!17:06
sicarieprobably going to be a quick one today17:06
sicariehttps://bugs.launchpad.net/openstack-manuals/+bugs?field.tag=sec-guide17:06
*** jbasalone has joined #openstack-security17:06
shelleea007okie dokie17:06
sicarieThree undecided’s at the bottom17:06
sicarieFirst up: https://bugs.launchpad.net/openstack-manuals/+bug/149004717:07
openstackLaunchpad bug 1490047 in openstack-manuals "Update Links in Management interfaces in Security Guide" [Undecided,In progress] - Assigned to Jeffrey Olsen (jeffrey-olsen)17:07
sicarieSeems rather straightforward to me - I’d say ‘traiged’ and low importance17:07
elmikoyea, low or medium. if the links are wrong we should probably fix em.17:08
shelleea007+117:08
sicarieshelleea007: you’re the tie-breaker here17:09
sicarielow or medium? :)17:09
elmikomedium =)17:09
shelleea007im looking hold one minute17:09
elmikok17:09
shelleea007i concur medium17:09
sicarielame :)17:10
sicariedone17:10
elmikolol17:10
sicarieokay, second : https://bugs.launchpad.net/openstack-manuals/+bug/149104117:10
openstackLaunchpad bug 1491041 in openstack-manuals "There's a grammar error in section "Compartmentalize" of Compliance overview in Security Guide" [Undecided,In progress] - Assigned to Marianne Linhares Monteiro (mariannelinharesm)17:10
shelleea007im sorry but broken links is a royal pain17:10
sicarieTrue, but also easily google-able (IMO)17:10
sicarieSo this looks like a minor grammar/spelling fix17:10
sicarieso I’d again say ‘Triaged/Low'17:10
elmiko+117:11
shelleea007def low17:11
sicarieDone, so last new bug: https://bugs.launchpad.net/openstack-manuals/+bug/149505117:11
openstackLaunchpad bug 1495051 in openstack-manuals "Integrity life-cycle in Security Guide" [Undecided,In progress] - Assigned to venkatamahesh (venkatamaheshkotha)17:11
sicarieAnother link - should this be medium as well?17:11
elmikoyea, i'm with shelleea007, bad links are annoying. medium17:12
shelleea007yeah, the only reason I say that isnt just because the links is a royal pain, its also the fact that it makes us look kind of unprofessonal and such17:12
shelleea007unprofessional too17:12
elmikoshelleea007++17:12
shelleea007its monday, need more coffee17:12
sicarieDone17:12
sicarieAgreed17:12
sicarieSo that’s it for new bugs17:13
elmikocool17:13
shelleea007yeah just wait till next week.17:13
sicarieI have an outstanding review I need to update (thanks for the feedback elmiko: i’ll try to hit that today)17:13
shelleea007lol, there will be lots more new bugs17:13
elmikoshelleea007: are there some big reviews going on for the freeze?17:14
shelleea007no I am going through a couple of the chapters because I have some free time, so...17:14
sicarieawesome17:14
elmikoah, very cool =)17:14
shelleea007last time I did that i submited like 6017:14
elmikooh wow17:15
elmikoi'll try to pickup a few bugs this week then ;)17:15
sicarieSo what I’d really like to do is focus on content - we have the rst2pdf converter17:15
elmikocool17:15
sicarieI’d like to identify what our end-state should be to create a new pdf and then push that to the lulu (book) version17:15
shelleea007yeah, i dont get down time very often, so I tend to try to get as much done as possible during that time17:15
elmikosicarie: +117:16
sicarieSo yeah, any over-arching content/structure/etc reviews you guys want to put in, more than fixing the little stuff would be awesome17:16
sicarieOnce we figure out the end state we want to be in, I’m going to push to get that submitted before Tokyo17:16
elmikonice17:17
shelleea007super.17:17
sicarieCool, is there anything else to go over?17:18
elmikonothing from me17:18
shelleea007nope I am good17:18
sicariecool17:18
sicarieThanks everyone! See you next week!17:18
elmikothanks sicarie17:18
shelleea007see ya17:19
*** sicarie has quit IRC17:19
*** shelleea007 has quit IRC17:19
*** edmondsw has joined #openstack-security17:24
*** openstackgerrit has quit IRC18:16
*** openstackgerrit has joined #openstack-security18:16
*** dwyde has joined #openstack-security18:19
*** sdake has joined #openstack-security18:33
*** sdake_ has joined #openstack-security18:36
*** sdake has quit IRC18:39
openstackgerritMerged openstack/security-doc: There's an grammar error in section "Compartmentalize" of Compliance overview in Security Guide.  https://review.openstack.org/21943918:43
*** salv-orl_ has joined #openstack-security19:45
*** salv-orlando has quit IRC19:47
*** tjt263 has quit IRC19:50
*** openstackgerrit has quit IRC20:31
*** openstackgerrit has joined #openstack-security20:31
*** edmondsw has quit IRC20:34
openstackgerritbruce-benjamin proposed openstack/security-doc: [security-guide] Ephemeral encryption setup  https://review.openstack.org/21895620:35
*** jmckind_ has joined #openstack-security20:46
*** jmckind has quit IRC20:49
*** jbasalone has quit IRC20:53
*** jennyb has joined #openstack-security21:00
*** jmckind_ has quit IRC21:28
*** alex_klimov has joined #openstack-security21:36
*** openstackgerrit has quit IRC21:46
*** openstackgerrit has joined #openstack-security21:46
*** jennyb has quit IRC21:48
*** edaught has quit IRC21:50
*** edaught_ has quit IRC21:50
*** jbasalone has joined #openstack-security22:06
*** dave-mccowan has quit IRC22:14
*** dwyde has quit IRC22:29
*** alex_klimov has quit IRC22:36
*** sdake has joined #openstack-security22:58
*** sdake_ has quit IRC23:02
*** jbasalone has quit IRC23:04
*** dave-mccowan has joined #openstack-security23:04
*** voodookid has quit IRC23:05
*** markvoelker has quit IRC23:06
*** tjt263 has joined #openstack-security23:15
*** jennyb has joined #openstack-security23:19
*** jennyb has quit IRC23:34
*** jbasalone has joined #openstack-security23:35
*** markvoelker has joined #openstack-security23:39
*** lanena has joined #openstack-security23:52
lanenaquien al privado23:53
lanenaey alguien aki conoce a luiz123:58
« Sunday, 2015-09-13 Index Tuesday, 2015-09-15 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!